Overview


Why would you want to define risk weights?

The Vulcan Platform incorporates different contextual attributes to produce a dynamic risk score for each vulnerability in your environment. The system allows you to set your own weights for the different attributes and choose which aspects are more important to you.

When defining risk priority weights, you can set different wights for CVE-based vulnerabilities (which have threat feeds) and for non-CVE-based vulnerabilities (which do NOT have threat feeds). This keeps a level playing field, giving vulnerabilities a more accurate risk score based on their attributes.

Define risk weights

To define your risk priority weights:

  1. Go to Settings > Risk

  2. Set the numbers (weights) for each attribute. The values in each row must add up to one.

    Use the table to set different weights for the attributes that define the risk for each vulnerability instance (atomic risk):

Attribute

Description

Severity

CVSS or other scores as provided by the scanning vendor.

Threats

Exploits, malware, and other threat intelligence retrieved

Tags

The impact (high, medium, low) of tags on the vulnerable assets.


Did this answer your question?